mpm

Just published a blog post talking about some iOS kernel framebuffer research I’ve been looking at over the last couple weeks. Have a read if you’re interested :)https://link.medium.com/3155zMpgm3 

If you're interested in Samsung's TrustZone, the talk I gave at #BHUSA2019 is online. It presents the work we did with @NeatMonster_ and @patateQbool at @quarkslab. We are at #36c3 if you want to come say hi. :)https://youtu.be/uXH5LJGRwXI 

New XMas release of frida-fuzzer: 1.2 https://github.com/andreafioraldi/frida-fuzzer/releases … A release with Android fuzzing in mind. Moar speed for remote (e.g. with adb) and ARM fuzzing and support to dictionaries.

Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.https://leucosite.com/Edge-Chromium-EoP-RCE/ …

In the 1st of our Top 5 bugs for 2019, @hosselot takes a look at a sandbox escape in #Firefox originally submitted to the program by @_niklasb. Read the details at http://bit.ly/2M0XatD  #ZDITop5

Day 2 of our Top 5 bugs for 2019 is an LPE in win32k.sys through indexed color palettes. The deep and thorough analysis is provided by Marcin Wiązowski, who reported the bug. http://bit.ly/38O65s0  #ZDITop5

For Day 4 of our Top 5 bugs of 2019, @WanderingGlitch details how the @fluoroacetate duo used a RegExp vuln in the infotainment system to win a #Tesla Model 3 at #P2OVancouver this year.http://bit.ly/2S43Jzk 

Introducing the fzero fuzzer! A target-architecture-agnostic grammar-based fuzzer (inspired by F1). With no input size constraints, multi-thread support, and all Rust code for no corruption bugs. 5x faster than the worlds fastest grammar-based fuzzer ;Dhttps://github.com/gamozolabs/fzero_fuzzer …

Pro-tip. Ever wonder what a structure _actually_ looks like in memory when it's full of unions, typedefs, etc? The `pahole` command (from the `dwarves` package) can take in an ELF with DWARF symbols and output the structures unrolled recursively. Example:https://gist.github.com/gamozolabs/0ec182194706b6e0a3a1ee1a5ae09e17 …